Cyber ​​security experts have warned of Iran's reaction to the killing of General Qassem Soleimani, and experts stressed the need for the United States to prepare for the possibility of bold Iranian cyber attacks aimed at causing great financial damage or threatening the lives of Americans in retaliation for the killing of one of its top generals.

Security experts have told the editors of the "Cybersecurity 202" section in The Washington Post that Iran may be ready to cross the boundaries in cyberspace, for example, experts warn that Iranian hackers may launch attacks that cut off electricity, or destroy records Significant financial or disruptive hospital or transportation systems in ways that threaten lives.

"We are in a more escalating situation than we were in the past, and there are some serious questions about whether there are red lines," said John Holtquist, director of intelligence analysis at Fire Eye Cybersecurity, adding that the Iranians "have no problem hitting people at this point." .

Experts also warn that Iran could launch massive attacks against US companies that encrypt and store their information for ransom, or target US government contractors to punish them for working with the White House.

Or perhaps Tehran is targeting US allies in the Middle East or American diplomatic goals abroad.

"We are definitely on new ground," said Lee Robert M., founder of the Dragos Cybersecurity firm that protects major industrial systems and a former National Security Agency official.

Experts also warn that Iran could launch large-scale attacks against US companies that are encrypting their information (Reuters)

Iranian capabilities to penetrate
Experts believe that Iran has routinely tested the limits of what it can get away with in cyberspace, including the destruction of American banks after the Obama administration imposed new sanctions in 2012, and breached dam control systems in New York in 2013.

It also claimed to erase data from tens of thousands of computers at Saudi state oil company Aramco in 2012 in one of the most devastating digital attacks ever.

Although these attacks were limited and far from the direct interests of the United States, experts fear that Iran will abandon restraint after the killing of the Quds Force commander, Major General Qassim Soleimani, who was accused by the Trump administration of planning major attacks against American targets.

But Iran's capabilities are still limited, as Robert tells me that Iranian infiltrators are not sophisticated enough to launch an attack that could affect the entire nation, so shutting down large portions of the electrical grid is not forthcoming here.

But they can disable electricity on a smaller scale, for example, by targeting an American city or parts of it. This could provoke a widespread fear of a larger attack, and perhaps drag the United States into a broader conflict by provoking a major response.

"It is really difficult to carry out these attacks, and you should not expect to see blackouts from the United States as a whole," said Robert. "What worries me is that they will win a small victory and we will overreact."

He mentioned that Iranian infiltrators have been able to access the computer networks of American industrial companies in the past, but there is no public evidence that they launched destructive breaches once they were there.

Experts fear that Iran will abandon restraint after the killing of Quds Force commander Qassem Soleimani (Reuters)

It is reported that just hours after the US air strike on Friday that killed Soleimani, Chris Krebs, chief of cybersecurity at the Department of Homeland Security, called on US companies to increase their defenses against Iranian infiltrators.

By Saturday evening, the Krebs agency was also monitoring the penetration of a secondary government website run by the government publishing office, which carried publicity for the Quds Force, while US government spokesperson for cyber security Sarah Cindik said there was no confirmation of the Iranian government making this hack.

Iran may delay the shooting
Experts believe that Iran may want to delay any harmful cyber attacks until it becomes clear how far the conflict will escalate. This is possible, because most very harmful cyber attacks require months of prior action to suddenly break into a company's computer networks.

"Iran will definitely use everything that it has, but I don't think there is a major cyber attack at this point ... every bit of the malware that it uses," said Jake Williams, founder of Rendition Infosec, a cyber security company and a former National Security Agency official. Iran can now turn into a bullet that it can fire later to have more impact. "

Nevertheless, there is also a possibility that Iran would be very careful not to cross the red lines with a cyberattack for fear that the Trump administration would retaliate far more strongly than expected.

"All the cards have been completely mixed up with this administration, and you don't know how they will react ... So Iran will have to go with caution," said Tony Cole, chief technology officer at Ativo Networks.